CVE-2024-21211

🗓️ 15 Oct 2024 19:52:41Reported by oracleType

Vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product. Allows unauthenticated attacker to compromise and unauthorized access to data

Reporter	Title	Published	Views	Family All 52
IBM Security Bulletins	Security Bulletin: Vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.	14 May 202519:42	–	ibm
AlpineLinux	CVE-2024-21211	15 Oct 202419:52	–	alpinelinux
Broadcom	Oracle Java SE Multiple Vulnerabilities (October 2024)	8 Jul 202500:00	–	broadcom
Broadcom	Azul Zulu Java Multiple Vulnerabilities (October 2024)	8 Jul 202500:00	–	broadcom
Chainguard	CVE-2024-21211 vulnerabilities	23 Aug 202508:15	–	cgr
CNNVD	Oracle Java SE 安全漏洞	15 Oct 202400:00	–	cnnvd
CNVD	Unspecified Vulnerability in Oracle Java SE (CNVD-2024-44548)	23 Oct 202400:00	–	cnvd
Cvelist	CVE-2024-21211	15 Oct 202419:52	–	cvelist
Debian CVE	CVE-2024-21211	15 Oct 202419:52	–	debiancve
EUVD	EUVD-2024-18925	3 Oct 202520:07	–	euvd

NVD

Vulners

Node

netapp bootstrap_osMatch-

AND

netapp hci_compute_nodeMatch-

Node

oracle graalvmMatch20.3.15enterprise

oracle graalvmMatch21.3.11enterprise

oracle graalvm_for_jdkMatch17.0.12

oracle graalvm_for_jdkMatch21.0.4

oracle graalvm_for_jdkMatch23

oracle jdkMatch23

oracle jreMatch23

[
  {
    "vendor": "Oracle Corporation",
    "product": "GraalVM",
    "cpes": [
      "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*",
      "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"
    ],
    "versions": [
      {
        "version": "Oracle Java SE:23",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM for JDK:17.0.12",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM for JDK:21.0.4",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM for JDK:23",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:20.3.15",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:21.3.11",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Oracle Corporation",
    "product": "Oracle Java SE",
    "cpes": [
      "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*",
      "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*",
      "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"
    ],
    "versions": [
      {
        "version": "Oracle Java SE:23",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM for JDK:17.0.12",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM for JDK:21.0.4",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM for JDK:23",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:20.3.15",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:21.3.11",
        "status": "affected"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpuoct2024.html
security	www.security.netapp.com/advisory/ntap-20241018-0008/

23 Jun 2025 19:11Current

3Low risk

Vulners AI Score3

CVSS 3.13.7

EPSS0.00279

SSVC

CWE-922